30 October 2018

Is your head in the ‘cloud’?

The cloud is a term most people are now familiar with, and from a business and commercial perspective, cloud computing continues to play a significant role in the way our clients operate.

From start-ups to multi-nationals and everything in between, companies have made the switch to using cloud computing as a SaaS or Software as a Product (SaaP) solution in order to focus on their core business needs, USPs and branding, instead of expending resources on costly computer infrastructure and maintenance.

We hope to give an insight into the key clauses you should look at, as a cloud provider or a customer, in your cloud contracts.

When provided with standard terms by large scale vendors of public cloud solutions (such as Microsoft Azure or AWS), our clients often only receive a warranty from the vendor to use ‘reasonable endeavours’ to correct non-compliance with the specifications contained within those terms.

This approach is often accepted where the differences in the respective bargaining powers of the parties is considerable (a ‘take it or leave it’ cloud offering); however, where the differences are smaller, or a customer wishes to use the cloud for business critical applications and services, there is often a degree of negotiation over this point.

A similar approach is often applied to alleged intellectual property Infringements.

Changes to the services/platform

In cloud service agreements, indeed in many SaaS or SaaP agreements in general, it is often the case that the service provider will reserve the right to make changes to the service or platform description. Where the cloud services are provided to vast number of clients – think Primark-style business model – this makes good commercial sense.

However, where the service is more specialist, or the cloud provider has a smaller number of niche clients, we have seen an increased flexibility for service providers to make concessions with regards to this clause.

Cloud providers have been more willing to commit only to improve the services offered, or at least not to make any material changes to the services, with the option to terminate without penalty if the client is not satisfied with these changes, finding a more client-friendly middle ground.

Liability exclusions

One of the key considerations in any contract, and even more so in cloud contracts, is limitation of liability. Cloud providers will often limit their liability to a cap of the fees paid for just the part of the services which was in breach of the agreement. Usually customers would want to negotiate a higher cap, limited to the fees paid under the contract as a whole.

We have also seen, in the advent of the GDPR, an increase in blanket exclusions of liability in relation to data related losses, and GDPR related indemnities. Cloud providers justify this approach by asserting that they would not be able to take on more significant degrees of liability as, if there was a significant data breach, the problem would probably affect multiple customers (if not all of them) and accordingly the provider would be exposed to multiple related claims. These, alongside the potential fines under the GDPR, would result in the company going bankrupt. For advice and further information, please contact Mike Griffin at mgriffin@hcrlaw.com